-- 002_auth.sql
-- Auth-Schema: Users und Sessions fuer Tenant-Login

create table if not exists users (
    id            text        primary key default gen_random_uuid()::text,
    tenant_id     text        not null references tenants(id) on delete cascade,
    username      text        not null,
    password_hash text        not null,
    role          text        not null default 'tenant',
    created_at    timestamptz not null default now(),
    unique(tenant_id, username)
);

create table if not exists sessions (
    id         text        primary key default gen_random_uuid()::text,
    user_id    text        not null references users(id) on delete cascade,
    created_at timestamptz not null default now(),
    expires_at timestamptz not null default (now() + interval '8 hours')
);

create index if not exists idx_sessions_user_id    on sessions(user_id);
create index if not exists idx_sessions_expires_at on sessions(expires_at);